Date: Wed, 26 May 2004 13:59:16 -0700 (PDT) From: Buzz Slye <buzz@gaia.arc.nasa.gov> To: freebsd-firewire@freebsd.org Subject: Quadlet read/write bug Message-ID: <Pine.GSO.4.58.0405261357400.2183@mono.arc.nasa.gov>
next in thread | raw e-mail | index | archive | help
A temporary fix to the asyncronous read and write cases of fw_ioctl
for a req.len = 16 is (fwdev.c line 595):
int tc;
.....
/* copy response */
tc = xfer->recv.hdr.mode.hdr.tcode;
tinfo = &sc->fc->tcode[tc];
if (tc == FWTCODE_RRESQ || tc == FWTCODE_WRES)
asyreq->req.len = xfer->recv.pay_len;
else if (asyreq->req.len >= xfer->recv.pay_len + tinfo->hdr_len)
asyreq->req.len = xfer->recv.pay_len;
else
err = EINVAL;
The above will work for rreqq and wreqq, but I didn't look at the other cases.
Note that for the read request response, the payload length is 4, but the
header length is 16. This adds up to 20 which doesn't work for req.len=16.
The response header should be 12 maybe, if the payload is 4 ?
For the write request response, the payload length is 4096, but there really
isn't any payload returned. Returning req.len=4096 isn't good, but if the
application doesn't check it, it certainly beats returning EINVAL.
R. E. Slye
NASA/Ames
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.GSO.4.58.0405261357400.2183>